Can you offer tips for keeping social media accounts and activity secure and compliant?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
The first thing you should remember when considering social media security is that everything said on social media is inherently public. You should plan to follow the same guidelines you use for any release of public information when considering a social media presence. The news is full of organizations that have been burned when someone with access to a corporate social media account posted offensive content, intentionally or accidentally, to the organization's feed.
Next, carefully control the passwords to your social media accounts. Make sure that each account is protected with a strong password and that the password is known only to a very small number of individuals. Unfortunately, most social media services are set up in a consumer-oriented fashion and do not have advanced access controls that allow delegation of posting authority, etc. If you need to grant multiple people access to your account, consider using a third-party service that mediates access without requiring shared passwords.
Finally, use common sense when it comes to social media and compliance requirements. Obviously, social media should never be used for credit card processing or to exchange other sensitive information. Publicly traded companies should also be aware of their obligations under Securities and Exchange Commission (SEC) information disclosure regulations. The CEOs of Twitter and Zipcar both recently learned this the hard way when they ran afoul of Regulation Fair Disclosure by posting information to their social media accounts, which had not been filed with the SEC in advance. Information security managers may not have a lot of direct control over what their CEOs do on social media or otherwise, but it's wise to at least do your best to incorporate dos and don'ts into the organization's social media security and compliance best practices policy.
Dig Deeper on Social media security risks and real-time communication security
Related Q&A from Mike Chapple
It's hard to tell if a company is a HIPAA business associate, but a closer look at HHS documents helps. Expert Mike Chapple discusses a specific case...continue reading
There was speculation in the security world over whether the FedRAMP certification would be helpful or not. Now that it's in full use, Mike Chapple ...continue reading
Medical device companies are part of the health industry, but does that make them a HIPAA covered entity or business associate? Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.